Redis 7.0.12&&6.2.13&&7.2.0
dblife1024 opened this issue · comments
dblife1024 commented
Hello, can you help compile these versions?
Because these versions have fixed the following CVE:
- (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger
a heap overflow in the cjson and cmsgpack libraries, and result in heap
corruption and potentially remote code execution. The problem exists in all
versions of Redis with Lua scripting support, starting from 2.6, and affects
only authenticated and authorized users.
zkteco-home commented
7.2.0 will be released once star reach 1K